<!DOCTYPE html>
<html>
  <head>
    <title>My App</title>
    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'">
  </head>
  <body>
    <div id="app"></div>
    <script src="./app.js" data-container="#app"></script>
  </body>
</html>
